<?php
	require_once("include/jara_fns.php");
	try {
		session_start();
		$id = $_REQUEST["id"];
		if(isset($_POST["name"])) {
			$name = $_POST["name"];
			$website = $_POST["website"];
			$comment = $_POST["comment"];
			if(substr($website, 0, 4) != "http") {
				$website = "javascript:;";
			}
			$name = htmlspecialchars($name);
			$comment = strip_tags($comment);
			if(!get_magic_quotes_gpc()) {
				$name = addslashes($name);
				$website = addslashes($website);
				$comment = addslashes($comment);
			}
			if(strlen($name) > 64) {
				$name = substr($name, 0, 60) . "...";
			}
			if(!empty($name) && !empty($comment) && $_POST["security"] == $_SESSION["result"]) {
			
				@jara_db_query("insert into jara_comments values('0', '$id', '$name', '$website', '$comment', '".time()."')");
			}
		}
		jara_write_post($id, true);
	}
	catch(JaraDatabaseException $ex) {
		jara_page_start("Database error");
?>
<p>
	A database error occured during the process of creating this page.
</p>
<p>
	Error type: <?php echo (($ex->getSqlStage() == 1) ? "MySQL connection error" : "MySQL query error"); ?><br />
	Error message: &quot;<?php echo $ex->getSqlMsg(); ?>&quot; [code <?php echo $ex->getSqlCode(); ?>]
</p>
<?php
		jara_page_end();
		exit;
	}
	catch(JaraGeneralException $ex) {
		jara_page_start("General error");
?>
<p>
	A general error occured during the process of creating this page.
</p>
<p>
	Error message: &quot;<?php echo $ex->getMessage(); ?>&quot;
</p>
<?php
		jara_page_end();
		exit;
	}
?>